Re: Why Penetration Test?

From: R. DuFresne (dufresne@sysinfo.com)
Date: Thu Jun 16 2005 - 15:59:20 EDT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 14 Jun 2005, intel96 wrote:

> One question I have not seen yet concerning is why PenTest is: To justify
> your job and a budget.

And, while a valid reason in the far sense, the major reason might be to
validate that policies as written are in affect the actual case and being
followed. Or more bluntly, to validate the security measure in place.
Budgetary concerns coming afterwards, if security is a major concern and
gets the emphasis required of it.

Thanks,

Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         admin & senior security consultant: sysinfo.com
                         http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                 -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCsdobst+vzJSwZikRAqgPAJwKtKSGM5p87yglaQ9QrEFcNzRWeACeLWmO
3irgiY7SxdXU8hsut9LdDWA=
=ulSI
-----END PGP SIGNATURE-----



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:25 EDT